Digital Signature Verification

Discussion in 'Windows 8' started by jaysonpryde, Oct 1, 2012.

  1. jaysonpryde

    jaysonpryde MDL Novice

    Oct 1, 2012
    4
    0
    0
    Hi All,

    I've been following the post here titled "How to decrypt and verify the digital signature of a SLIC table" to somehow learn and apply the digital signature verification process on a potential project.

    For me and my potential project, I can say that the decryption of the digital signature was the most helpful section of this thread. That is, using this formula,
    Decryption = s^e mod n (Where s is the Digital Signature, e is the Public Key Exponent and n is the Public
    Key Modulus.)

    The questions I'd like to ask now (which are in red, bold font, btw) are still related to Digital Signature Verification and related to the usage of the equation mentioned above, but this time, without reference to SLIC table. To be specific, here's the verification I want to do:

    Let's say I want to manually compute/verify the digital signature of WORDICON.EXE (Microsoft Word related file).
    What I did is, on Windows OS, I right-clicked the file and view details of the digital signature and retrieve the message digest. Here is what I get:

    04 14 1f be 4e b6 b4 38 bf 70 e9 96 9b 48 5c 09 b6 d0 3e f0 49 8f

    Now, with respect to this message digest, Is this the encrypted hash (which is the digital signature) or the message digest of the original message?

    Next, I also viewed the certificate and get the public key from it. This is the value I got:

    30 82 01 0a 02 82 01 01 00 bd 30 89 fb 45 72 a8 53 6b 9e 89
    4f 00 23 c0 be d4 1d 3d b1 59 40 38 f3 73 91 82 26 e6 96 12
    00 53 d9 1c 82 0e 3c ce 1d bb bd f7 42 8d 97 d4 fc 38 1a e4
    b9 f9 e3 ec d3 61 03 bf a0 d3 d6 75 4d 5c 46 a9 ed 5e f0 d2
    e2 69 5b 1a 73 ea b3 1c 8d 04 cd 29 44 a0 64 59 2f 1e 98 5d
    6e c7 ab 18 39 82 65 c4 a7 bc ab 75 88 19 ea 87 97 14 26 b3
    7f 26 76 a4 d4 38 39 84 e3 b3 26 d5 18 f9 2b e9 d2 c9 16 5a
    54 21 f2 97 8d 87 86 29 fe f4 49 2c e6 8b f8 04 3f 7d cd cd
    96 92 86 0d 71 03 e2 d0 fe 0c 42 35 ff d7 b8 3f dd 8e 45 0a
    7d f6 d7 4b ad 5b f0 76 72 1d 77 23 7d 89 35 c4 1c 5d b2 50
    03 4b 47 6d 07 a7 55 88 98 06 80 a6 81 ad 54 4e d8 81 d6 fa
    bf 42 c0 31 be 55 0d 99 d5 53 49 12 30 eb e5 a5 88 7c 5e c4
    7a 5a 14 87 08 b4 37 69 a0 eb 32 24 8c 08 eb f9 d4 14 ba e0
    fc cd ea a4 15 02 03 01 00 01

    Given this public key, can you kindly help me identify which on these 2048-bits is the Public Key Exponent and which is the Public Key Modulus?

    Now, once my questions above are answered, the only thing left for me to retrieve is the actual digital signature data for it to be decrypted. My question now is where can I get or even view this digital signature data to substitute to the equation? Unlike on the SLIC Table tutorial where there is a portion on the SLIC table where I can view the digital signature data, I don't know where to find it on files with embedded digital signature.

    Hopefully my questions are clear. And hopefully also, someone will share their thoughts/ideas regarding this.
    Thanks in advance!
     

    Attached Files:

  2. jaysonpryde

    jaysonpryde MDL Novice

    Oct 1, 2012
    4
    0
    0
    Anyone? Thanks!